You can configure a whitelist for each endpoint of your Message Queue for Apache Kafka instance. Only the IP addresses and ports in the whitelist can use the corresponding endpoint to connect to the Message Queue for Apache Kafka instance.

Prerequisites

A Message Queue for Apache Kafka instance is purchased and deployed, and it is in the Running state.

Precautions

  • A whitelist can contain a maximum of 200 entries.
  • You can specify multiple IP addresses and CIDR blocks in each entry that you add to a whitelist. Separate multiple IP addresses or CIDR blocks with commas (,).
  • You can remove entries from a whitelist and add entries to a whitelist. You can remove or add a single entry at a time.
  • If a whitelist contains only one entry, you can remove the entry from the whitelist. After the entry is removed, you can no longer access the Message Queue for Apache Kafka instance by using ports within the supported port range. Make sure that you are fully aware of the impact of this removal operation on your business.

Add IP addresses or CIDR blocks to a whitelist

To add IP addresses or CIDR blocks to a whitelist, perform the following steps:

  1. Log on to the Message Queue for Apache Kafka console.
  2. In the Resource Distribution section of the Overview page, select the region where your instance is deployed.
  3. On the Instances page, click the name of the instance that you want to manage.
  4. In the Endpoint Information section of the Instance Details page, find the endpoint for which you want to configure the whitelist and click Edit Whitelist in the Actions column.
  5. In the panel that appears, click Add IP Address to Whitelist, enter one or more IP addresses or CIDR blocks in the field that appears, and then click OK.

Remove IP addresses or CIDR blocks from a whitelist

If you want to remove an IP address or a CIDR block from a whitelist, go to the corresponding whitelist editing panel. Find the IP address or CIDR block that you want to remove, and click Delete.